List: focus-ids
Subject: New SMB and DCERPC features on Impacket released with doc
From: Gerardo Richarte <lists () core-sdi ! com>
Date: 2006-05-29 18:15:32
Message-ID: 447B3A44.3060305 () core-sdi ! com
Hi!
As we promised in the too-short 5-minute talk at CanSecWest last month, here we
are publishing a new version of Impacket including all the new features we added for
SMB and DCERPC. At the same time we are releasing a document describing what these new
and weird features are, full of examples of how to use them, including a crash for
MS05-039 (UMPNP remotely exploitable buffer overflow), written in python using this
library, which can be used as a base for other DCERPC exploits and configured in lots
of different ways to send non-standard and correct traffic.
Some of the new features are:
* NMB and SMB (high-level implementations).
* DCE/RPC versions 4 and 5, over different transports: UDP (version 4 exclusively), TCP, SMB/TCP, SMB/NetBIOS and HTTP.
* Multiple ways of doing SMB tree_connect, file open, read, write.
* SMB "fragmentation", SMB AndX command chaining.
* Plain, NT and LM v1 authentications, using password and hashes only.
* Portions of the following DCE/RPC interfaces: Conv, DCOM, EPM, SAMR, SvcCtl, WinReg.
* DCERPC Alternate contexts, Multi-bind requests, Endianness selection
* DCERPC NT and LM v1 authentication, integrity checking and encryption.
* DCERPC v4 and v5 fragmentation, DCERPC v4 idempotent requests.
take a look here:
http://www.corest.com/common/showdoc.php?idx=539&idxseccion=11
and send feedback, to us
gera and beto
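
Added example, not part of the original message and not Impacket code: a minimal sketch of what an IDS preprocessor has to do before matching signatures when a sender uses the "Endianness selection" and "DCERPC v5 fragmentation" features listed above. It assumes unauthenticated connection-oriented DCE/RPC v5 request PDUs; the helper names, call_id, opnum and stub bytes are constructed for illustration.

```python
import struct

PFC_FIRST_FRAG, PFC_LAST_FRAG = 0x01, 0x02
PTYPE_REQUEST = 0
HDR_LEN = 24  # 16-byte common header + 8-byte request header

def parse_request(pdu):
    """Parse one unauthenticated DCE/RPC v5 request PDU (connection-oriented)."""
    if len(pdu) < HDR_LEN or pdu[0] != 5 or pdu[2] != PTYPE_REQUEST:
        raise ValueError("not a DCE/RPC v5 request PDU")
    # drep[0] high nibble = sender's integer format: 1 little-endian, 0 big-endian
    e = "<" if pdu[4] >> 4 == 1 else ">"
    frag_len, auth_len, call_id = struct.unpack(e + "HHI", pdu[8:16])
    _alloc_hint, ctx_id, opnum = struct.unpack(e + "IHH", pdu[16:24])
    if frag_len != len(pdu) or auth_len != 0:
        raise ValueError("bad frag_length, or auth trailer present (not handled here)")
    return pdu[3], call_id, ctx_id, opnum, pdu[HDR_LEN:]

class Reassembler:
    """Collects request fragments per call_id so signatures see the whole stub."""
    def __init__(self):
        self.pending = {}  # call_id -> [ctx_id, opnum, bytearray of stub data]

    def feed(self, pdu):
        """Return (ctx_id, opnum, stub) when the last fragment arrives, else None."""
        flags, call_id, ctx_id, opnum, stub = parse_request(pdu)
        if flags & PFC_FIRST_FRAG:
            self.pending[call_id] = [ctx_id, opnum, bytearray()]
        elif call_id not in self.pending:
            raise ValueError("continuation fragment without a first fragment")
        entry = self.pending[call_id]
        entry[2] += stub
        if not flags & PFC_LAST_FRAG:
            return None
        del self.pending[call_id]
        return entry[0], entry[1], bytes(entry[2])

def build_request(call_id, opnum, stub, flags, little_endian=True):
    """Construct a sample PDU for the demo (constructed data, not captured traffic)."""
    e, drep0 = ("<", 0x10) if little_endian else (">", 0x00)
    hdr = bytes([5, 0, PTYPE_REQUEST, flags, drep0, 0, 0, 0])
    hdr += struct.pack(e + "HHI", HDR_LEN + len(stub), 0, call_id)
    return hdr + struct.pack(e + "IHH", len(stub), 0, opnum) + stub

def fragment(call_id, opnum, stub, size, little_endian=True):
    """Split one request into fragments of at most `size` stub bytes."""
    chunks = [stub[i:i + size] for i in range(0, len(stub), size)]
    return [build_request(call_id, opnum, c,
                          (PFC_FIRST_FRAG if i == 0 else 0) |
                          (PFC_LAST_FRAG if i == len(chunks) - 1 else 0),
                          little_endian)
            for i, c in enumerate(chunks)]
```

A pattern that straddles a fragment boundary is invisible to per-packet matching and only appears in the stub returned by `Reassembler.feed` on the last fragment, in either byte order.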